<?php
// LOGIN
include('config.php'); 
include('common-functions.php');

if(isset($_POST['email']) && isset($_POST['psw']))
{ 

	echo("||  PRINT ==> " . $_POST['email'] . "  " . $_POST['psw'] . " || ");

	// Clean Input
	$email		=	cleanInput($_POST['email']);
	$psw		=	cleanInput($_POST['psw']);
			
	// Verify login
	$login_sql	=	'SELECT * FROM tbUSERS WHERE Email ="'.$email.'" AND Password ="'.$psw.'"';
	$login		=	mysql_query($login_sql);
	
		
	if (!$login) 
	{
		die('Invalid query: ' . mysql_error());
	}

	if(mysql_num_rows($login)>0){
		while ($row = mysql_fetch_array($login)) 
		{
			$userid   = $row['Id'];
			$username = $row['Name'];
            $pagination = $row['Pagination'];
			
			session_start();
			// Save Session and redirect to Home Page
			$_SESSION['id']		    =	session_id();
			$_SESSION['userid']   	=	$userid;
			$_SESSION['username']	=	$username;
            $_SESSION['pagination'] =   $pagination;
			
			// Set te page where redirect the user after the login
			redirect('../index.php');
		}
	} else {
		
		// in case of error set this var = 1.
		// a red box will appear in the page where is the login-form
			//redirect('../index?error=1');
	}
}
?>
